Hello, I am currently at the tail end of a Countermeasures and Defense Course. I have followed several guides on hardening a Windows Server 2003 box but one part id like to harden is services. Using Metesploit and some other tools services are sometimes exploited and I want to shut down all I dont need in order to use the only feature this box is required to have. It has IIS and has a working web page. ALong with the need to RDP to the box and we are not allowed to change RDP port from 3389. So port 80 and 3389 are open rest are closed.

Hi, Security Configuration Wizard (SCW) combined with the high security workstation template (hisecws.inf) would give you a good hardening baseline for your server (from network exposure perspective among other things). SCW: http://technet.microsoft.com/en-us/library/cc757109%28v=ws.10%29.aspx Security Templates: http://technet.microsoft.com/en-us/library/cc787720%28v=ws.10%29.aspx Cheers.